Page 91 / 176 Scroll up to view Page 86 - 90
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual
Basic Virtual Private Networking
5-13
v1.0, September 2007
c.
In the Authentication Method menu, select Pre-Shared key.
d.
In the Encrypt Alg menu, select the type of encryption. In this example, use Triple DES.
e.
In the Hash Alg menu, select SHA-1.
f.
In the SA Life menu, select Unspecified.
g.
In the Key Group menu, select Diffie-Hellman Group 2.
7.
Configure the VPN Client Key Exchange Proposal. Provide the type of encryption (DES or
3DES) to be used for this connection. This selection must match your selection in the FVG318
configuration.
a.
Expand the Key Exchange subheading by double clicking its name or clicking on the “+”
symbol. Then select Proposal 1 below Key Exchange.
b.
In the SA Life menu, select Unspecified.
c.
In the Compression menu, select None.
d.
Check the Encapsulation Protocol (ESP) check box.
e.
In the Encrypt Alg menu, select the type of encryption. In this example, use Triple DES.
f.
In the Hash Alg menu, select SHA-1.
g.
In the Encapsulation menu, select Tunnel.
h.
Leave the Authentication Protocol (AH) check box unchecked.
Figure 5-12
Page 92 / 176
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual
5-14
Basic Virtual Private Networking
v1.0, September 2007
8.
Save the VPN Client Settings. From the File menu at the top of the Security Policy Editor
window, click
Save
.
After you have configured and saved the VPN client information, your PC will automatically open
the VPN connection when you attempt to access any IP addresses in the range of the remote VPN
firewall’s LAN.
To check the VPN connection.
Initiate a request from the remote PC to the FVG318’s network by using the “Connect” option in
the NETGEAR ProSafe menu bar. The NETGEAR ProSafe client will report the results of the
attempt to connect. Since the remote PC has a dynamically assigned WAN IP address, it must
initiate the request.
To perform a ping test using our example, start from the remote PC:
1.
Establish an Internet connection from the PC.
2.
On the Windows tasteable, click the
Start
button, and then click
Run
.
3.
Type
ping -t 192.168.3.1
, and then click
OK
.
Figure 5-13
Page 93 / 176
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual
Basic Virtual Private Networking
5-15
v1.0, September 2007
This will cause a continuous ping to be sent to the first FVG318. After between several
seconds and two minutes, the ping response should change from “timed out” to “reply”, as
shown below.
Once the connection is established, you can open the browser of the PC and enter the LAN IP
address of the remote FVG318. After a short wait, you should see the login screen of the VPN
Firewall Router (unless another PC already has the FVG318 management interface open).
Monitoring the Progress and Status of the VPN Client Connection
Information on the progress and status of the VPN client connection can be viewed by opening the
NETGEAR ProSafe Log Viewer.
To launch this function:
1.
Click the Window
s Start
button, and select
Programs > NETGEAR ProSafe VPN Client >
Log Viewer
. The Log Viewer screen for a similar successful connection is shown below:
Figure 5-14
Figure 5-15
Page 94 / 176
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual
5-16
Basic Virtual Private Networking
v1.0, September 2007
2.
The Connection Monitor screen for a similar connection is shown below:
In this example you can see the following:
The FVG318 has a public IP WAN address of 22.23.24.25.
The FVG318 has a LAN IP address of 192.168.3.1.
The VPN client PC has a dynamically assigned address of 192.168.2.2.
While the connection is being established, the Connection Name field in this menu will say “SA”
before the name of the connection. When the connection is successful, the “SA” will change to the
yellow key symbol shown in the illustration above.
Figure 5-16
Note:
Use the active VPN tunnel information and pings to determine whether a failed
connection is due to the VPN tunnel or some reason outside the VPN tunnel.
Figure 5-17
Page 95 / 176
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual
Basic Virtual Private Networking
5-17
v1.0, September 2007
Transferring a Security Policy to Another Client
This section explains how to export and import a security policy as an
.spd
file so that an existing
NETGEAR ProSafe VPN Client configuration can be copied to other PCs running the NETGEAR
ProSafe VPN Client.
The following procedure (
Figure 5-18
) enables you to export a security policy as an
.spd
file.
To export a security policy:
1.
Select
Export Security Policy
from the
File
pull-down menu.
2.
Once you decide the name of the file and directory where you want to store the client policy,
click
Export.
In this example, the exported policy is named
policy.spd
and is being stored on the C drive.
Note:
While your PC is connected to a remote LAN through a VPN, you might not have
normal Internet access. If this is the case, you will need to close the VPN
connection in order to have normal Internet access.
Figure 5-18
Figure 5-19

Rate

4 / 5 based on 1 vote.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top